Ayman Sagy
[CyberCX]
Ayman is a senior security consultant at Sense of Security, a CyberCX company.

He has been working in the IT industry since 2004 and possesses over 5 years of infosec experience. Before joining Sense of Security, a CyberCX company, Ayman worked as a system administrator, data center and ICT specialist, where he implemented, operated and supported IT infrastructure systems for different projects with various government and service provider organisations.

Ayman had an early passion for information security. He has achieved various infosec certifications, including Offensive Security Exploitation Expert (OSEE) and Offensive Security Certified Professional (OSCP), and moved into a professional infosec career at Sense of Security in 2015.

Ayman has performed several network and application penetration tests of different systems and applications across various industries, including government, banking and finance, healthcare, education, utilities and service providers. Ayman also enjoys vulnerability research: he has one published CVE (CVE-2018-15615) and a research paper on anti-malware product bypass.

Orchestrated Containers and How to Hack Them

Technical Level (3 being the highest score): 3

Kubernetes dropped into the scene in 2014 as a gift from Google, promising to help simplify the dev/ops workflow by moving to immutable, idempotent infrastructure-as-code setups. It's seen rapid adoption in the last couple of years with managed offerings from Amazon AWS, Microsoft Azure, and Google GCP.

Unfortunately, this world of containers comes with a false sense of security and many of the defaults for Kubernetes leave your environments wide open to attack.

Confusing documentation, insecure defaults, and overall ecosystem immaturity lead to drastic gaps in environmental security and monitoring, reducing your organisation's capacity to detect, prevent, and respond to a malicious actor attacking your containerised assets - a situation that has been capitalised on by managed security vendors charging tens of thousands of dollars for domain experience that never trickles down into the core of your deployment strategies.

Luckily, with a few simple pointers the sky will no longer be falling.

This presentation focuses on attack paths we take, and points of interest we look at, when performing orchestrated containerised environment security reviews.

It looks at common mistakes and low-hanging fruit in network configurations and authorisation policies, as well as supplemental configurations and automated policy enforcement to harden your environment and raise the bar.
